Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,205
Erlang
31
GitHub Actions
19
Go
1,986
Maven
5,000+
npm
3,703
NuGet
661
pip
3,329
Pub
11
RubyGems
884
Rust
843
Swift
36
Unreviewed advisories
All unreviewed
5,000+

984 advisories

Loading
The Bluetooth module has a vulnerability in permission control for broadcast notifications... High Unreviewed
CVE-2023-44101 was published Oct 11, 2023
Broadcast permission control vulnerability in the Bluetooth module.Successful exploitation of... Moderate Unreviewed
CVE-2023-44102 was published Oct 11, 2023
IBM Security Verify Governance 10.0, Identity Manager could allow a local privileged user to... Moderate Unreviewed
CVE-2023-35013 was published Oct 16, 2023
Archer Platform 6.x before 6.13 P2 HF2 (6.13.0.2.2) contains a sensitive information disclosure... Moderate Unreviewed
CVE-2023-45357 was published Oct 17, 2023
An issue in WIPOTEC GmbH ComScale v4.3.29.21344 and v4.4.12.723 allows unauthenticated attackers... Critical Unreviewed
CVE-2023-45911 was published Oct 18, 2023
libcurl wrongly allows cookies to be set for Top Level Domains (TLDs) if thehost name is provided... Moderate Unreviewed
CVE-2022-27779 was published Jun 3, 2022
curl 7.61.0 through 7.76.1 suffers from exposure of data element to wrong session due to a... Moderate Unreviewed
CVE-2021-22897 was published May 24, 2022
When doing HTTP(S) transfers, libcurl might erroneously use the read callback (... Critical Unreviewed
CVE-2022-32221 was published Dec 6, 2022
DIRAC: Unauthorized users can read proxy contents during generation High
CVE-2024-29905 was published for DIRAC (pip) Apr 9, 2024
In the Linux kernel, the following vulnerability has been resolved: fs/mount_setattr: always... Moderate Unreviewed
CVE-2021-46923 was published Feb 27, 2024
In the Linux kernel, the following vulnerability has been resolved: locking/qrwlock: Fix... Moderate Unreviewed
CVE-2021-46921 was published Feb 27, 2024
Apache Airflow: DAG Code and Import Error Permissions Ignored Moderate
CVE-2024-27906 was published for apache-airflow (pip) Feb 29, 2024
oscerd sunSUNQ
The Sangfor Next-Gen Application Firewall version NGAF8.0.17 is vulnerable to a source code... Moderate Unreviewed
CVE-2023-30802 was published Oct 10, 2023
Use of hard-coded credentials vulnerability in Buffalo network devices allows an attacker to... High Unreviewed
CVE-2023-26588 was published Apr 11, 2023
An information disclosure vulnerability in the?faye endpoint in Proofpoint Threat Response /... Moderate Unreviewed
CVE-2023-2820 was published Jun 15, 2023
An information disclosure vulnerability exists in the CtEnumCa() functionality of SoftEther VPN 4... Moderate Unreviewed
CVE-2023-32275 was published Oct 12, 2023
Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability Moderate Unreviewed
CVE-2024-20692 was published Jan 9, 2024
Windows CoreMessaging Information Disclosure Vulnerability Moderate Unreviewed
CVE-2024-20694 was published Jan 9, 2024
An Exposure of Resource to Wrong Sphere vulnerability in the Packet Forwarding Engine (PFE) of... Moderate Unreviewed
CVE-2024-21605 was published Apr 12, 2024
In the Linux kernel, the following vulnerability has been resolved: mm/damon/dbgfs: fix 'struct... Moderate Unreviewed
CVE-2021-46937 was published Feb 27, 2024
In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: fix wq... Moderate Unreviewed
CVE-2021-46917 was published Feb 27, 2024
In the Linux kernel, the following vulnerability has been resolved: binder: fix async_free_space... Moderate Unreviewed
CVE-2021-46935 was published Feb 27, 2024
Information disclosure in Linux Networking Firmware due to unauthorized information leak during... Moderate Unreviewed
CVE-2022-40525 was published Jun 6, 2023
Information disclosure in Kernel due to indirect branch misprediction. Moderate Unreviewed
CVE-2022-40523 was published Jun 6, 2023
Exposure of Resource to Wrong Sphere in Apache Tomcat Critical
CVE-2017-5648 was published for org.apache.tomcat.embed:tomcat-embed-core (Maven) May 13, 2022
sunSUNQ westonsteimel
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database